diff options
| author | Theodore Ts'o <tytso@mit.edu> | 2018-04-25 01:12:32 -0400 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2018-04-25 02:41:39 -0400 |
| commit | 4e00b339e264802851aff8e73cde7d24b57b18ce (patch) | |
| tree | c11287bd73bff8a7a119d7fc55c94df2f0b61745 /drivers/char/random.c | |
| parent | 6c1e851c4edc13a43adb3ea4044e3fc8f43ccf7d (diff) | |
random: rate limit unseeded randomness warnings
On systems without sufficient boot randomness, no point spamming dmesg.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Diffstat (limited to 'drivers/char/random.c')
| -rw-r--r-- | drivers/char/random.c | 39 |
1 files changed, 34 insertions, 5 deletions
diff --git a/drivers/char/random.c b/drivers/char/random.c index 721dca8db9cf..cd888d4ee605 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c | |||
| @@ -261,6 +261,7 @@ | |||
| 261 | #include <linux/ptrace.h> | 261 | #include <linux/ptrace.h> |
| 262 | #include <linux/workqueue.h> | 262 | #include <linux/workqueue.h> |
| 263 | #include <linux/irq.h> | 263 | #include <linux/irq.h> |
| 264 | #include <linux/ratelimit.h> | ||
| 264 | #include <linux/syscalls.h> | 265 | #include <linux/syscalls.h> |
| 265 | #include <linux/completion.h> | 266 | #include <linux/completion.h> |
| 266 | #include <linux/uuid.h> | 267 | #include <linux/uuid.h> |
| @@ -438,6 +439,16 @@ static void _crng_backtrack_protect(struct crng_state *crng, | |||
| 438 | static void process_random_ready_list(void); | 439 | static void process_random_ready_list(void); |
| 439 | static void _get_random_bytes(void *buf, int nbytes); | 440 | static void _get_random_bytes(void *buf, int nbytes); |
| 440 | 441 | ||
| 442 | static struct ratelimit_state unseeded_warning = | ||
| 443 | RATELIMIT_STATE_INIT("warn_unseeded_randomness", HZ, 3); | ||
| 444 | static struct ratelimit_state urandom_warning = | ||
| 445 | RATELIMIT_STATE_INIT("warn_urandom_randomness", HZ, 3); | ||
| 446 | |||
| 447 | static int ratelimit_disable __read_mostly; | ||
| 448 | |||
| 449 | module_param_named(ratelimit_disable, ratelimit_disable, int, 0644); | ||
| 450 | MODULE_PARM_DESC(ratelimit_disable, "Disable random ratelimit suppression"); | ||
| 451 | |||
| 441 | /********************************************************************** | 452 | /********************************************************************** |
| 442 | * | 453 | * |
| 443 | * OS independent entropy store. Here are the functions which handle | 454 | * OS independent entropy store. Here are the functions which handle |
| @@ -932,6 +943,18 @@ static void crng_reseed(struct crng_state *crng, struct entropy_store *r) | |||
| 932 | process_random_ready_list(); | 943 | process_random_ready_list(); |
| 933 | wake_up_interruptible(&crng_init_wait); | 944 | wake_up_interruptible(&crng_init_wait); |
| 934 | pr_notice("random: crng init done\n"); | 945 | pr_notice("random: crng init done\n"); |
| 946 | if (unseeded_warning.missed) { | ||
| 947 | pr_notice("random: %d get_random_xx warning(s) missed " | ||
| 948 | "due to ratelimiting\n", | ||
| 949 | unseeded_warning.missed); | ||
| 950 | unseeded_warning.missed = 0; | ||
| 951 | } | ||
| 952 | if (urandom_warning.missed) { | ||
| 953 | pr_notice("random: %d urandom warning(s) missed " | ||
| 954 | "due to ratelimiting\n", | ||
| 955 | urandom_warning.missed); | ||
| 956 | urandom_warning.missed = 0; | ||
| 957 | } | ||
| 935 | } | 958 | } |
| 936 | } | 959 | } |
| 937 | 960 | ||
| @@ -1572,8 +1595,9 @@ static void _warn_unseeded_randomness(const char *func_name, void *caller, | |||
| 1572 | #ifndef CONFIG_WARN_ALL_UNSEEDED_RANDOM | 1595 | #ifndef CONFIG_WARN_ALL_UNSEEDED_RANDOM |
| 1573 | print_once = true; | 1596 | print_once = true; |
| 1574 | #endif | 1597 | #endif |
| 1575 | pr_notice("random: %s called from %pS with crng_init=%d\n", | 1598 | if (__ratelimit(&unseeded_warning)) |
| 1576 | func_name, caller, crng_init); | 1599 | pr_notice("random: %s called from %pS with crng_init=%d\n", |
| 1600 | func_name, caller, crng_init); | ||
| 1577 | } | 1601 | } |
| 1578 | 1602 | ||
| 1579 | /* | 1603 | /* |
| @@ -1767,6 +1791,10 @@ static int rand_initialize(void) | |||
| 1767 | init_std_data(&blocking_pool); | 1791 | init_std_data(&blocking_pool); |
| 1768 | crng_initialize(&primary_crng); | 1792 | crng_initialize(&primary_crng); |
| 1769 | crng_global_init_time = jiffies; | 1793 | crng_global_init_time = jiffies; |
| 1794 | if (ratelimit_disable) { | ||
| 1795 | urandom_warning.interval = 0; | ||
| 1796 | unseeded_warning.interval = 0; | ||
| 1797 | } | ||
| 1770 | return 0; | 1798 | return 0; |
| 1771 | } | 1799 | } |
| 1772 | early_initcall(rand_initialize); | 1800 | early_initcall(rand_initialize); |
| @@ -1834,9 +1862,10 @@ urandom_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos) | |||
| 1834 | 1862 | ||
| 1835 | if (!crng_ready() && maxwarn > 0) { | 1863 | if (!crng_ready() && maxwarn > 0) { |
| 1836 | maxwarn--; | 1864 | maxwarn--; |
| 1837 | printk(KERN_NOTICE "random: %s: uninitialized urandom read " | 1865 | if (__ratelimit(&urandom_warning)) |
| 1838 | "(%zd bytes read)\n", | 1866 | printk(KERN_NOTICE "random: %s: uninitialized " |
| 1839 | current->comm, nbytes); | 1867 | "urandom read (%zd bytes read)\n", |
| 1868 | current->comm, nbytes); | ||
| 1840 | spin_lock_irqsave(&primary_crng.lock, flags); | 1869 | spin_lock_irqsave(&primary_crng.lock, flags); |
| 1841 | crng_init_cnt = 0; | 1870 | crng_init_cnt = 0; |
| 1842 | spin_unlock_irqrestore(&primary_crng.lock, flags); | 1871 | spin_unlock_irqrestore(&primary_crng.lock, flags); |